<?php

/*----------------------------------------------+
|  MaxForum					|
|  ===========================================	|
|  By Majd Almontaser				|
|  Released under the License GNU v3.0		|
|  http://www.Max4Dev.com			|
|  ===========================================	|
|  Ttmtt Team - http://www.liioiil.com		|
+-----------------------------------------------*/

# Direct-access guard: this file is only meant to run when MAX_ON is already
# defined; a direct request gets the denial message and nothing else runs.
if (defined('MAX_ON') === false) {
	exit("<h1>ACCESS DENIED</h1>You cannot access this file directly.");
}

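# Are they even allowed to upload?
# max_redirect() is defined elsewhere and this file cannot show whether it ends
# the request. The explicit return hands control back to the including script,
# so the upload handler below is never reached by a user without the permission.
if ($Gallery->p('upload') != 1)
{
	max_redirect('index.php?page=gallery', 'gallery');
	return;
}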

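# If the form has been submitted
# NOTE(review): no anti-CSRF token is checked in this file; confirm that the
# including script validates one before this handler runs.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['upload_image']))
{
	# Every failure path below redirects and then returns. max_redirect() is
	# defined elsewhere; the return guarantees that the rest of the handler does
	# not run if it ever hands control back.

	# Redirect if no file arrived or PHP reported an upload error.
	# A request without the "image" field used to slip through, because an
	# undefined error code compares equal to 0.
	if (!isset($_FILES['image']['error']) || $_FILES['image']['error'] !== UPLOAD_ERR_OK)
	{
		max_redirect('index.php?page=gallery&act=upload', 'gallery/upload');
		return;
	}

	#-------------------------------------
	# Process uploaded image
	#-------------------------------------

	# Load image handling class
	require 'classes/image.php';
	$Image = new Image($_FILES['image'], $gallery['settings']);

	# NOTE(review): Image::check() lives in classes/image.php (not shown here).
	# Confirm it validates the file content and the stored extension, not only
	# the client-supplied name and MIME type.
	if (!$Image->check())
	{
		max_redirect('index.php?page=gallery&act=upload', 'gallery/upload');
		return;
	}

	# Upload the image, create thumbnail, etc
	$location = $Image->upload('uploads/gallery/images/', $my_id);

	if ($location == false)
	{
		max_redirect('index.php?page=gallery&act=upload', 'gallery/upload');
		return;
	}

	#----------------------------------------
	# Clean inputs
	#----------------------------------------

	# Missing or non-string fields become empty values instead of raising
	# notices or passing an array into escape_string().
	$title	= escape_string(isset($_POST['title']) && is_string($_POST['title']) ? $_POST['title'] : '');
	$desc	= escape_string(isset($_POST['description']) && is_string($_POST['description']) ? $_POST['description'] : '');
	$album	= (isset($_POST['album']) && is_scalar($_POST['album'])) ? (int) $_POST['album'] : 0;

	# Values that used to be concatenated into the SQL as-is. The stored path
	# may derive from the uploaded file's name, so it is escaped for the string
	# literal; the user id is forced to an integer.
	$user_id	= (int) $my_id;
	$location_sql	= mysql_real_escape_string($location);

	#----------------------------------------
	# Add the image to the database
	#----------------------------------------

	$inserted = mysql_query('INSERT INTO ' . $db_prefix . 'gallery_images (album, image, title, description, user, time) VALUES ('.$album.', "'.$location_sql.'", "'.$title.'", "'.$desc.'", '.$user_id.', '.time().')');

	if (!$inserted)
	{
		# Keep database error details in the server log; die(mysql_error())
		# printed them to the visitor.
		# NOTE(review): the file written by Image::upload() stays on disk here.
		error_log('Gallery upload: image insert failed: ' . mysql_error());
		max_redirect('index.php?page=gallery&act=upload', 'gallery/upload');
		return;
	}

	#--------------------------------------------------------
	# Get the image's id so we can add rating
	#--------------------------------------------------------

	# The id generated by the INSERT above on this connection. Looking up the
	# user's newest row by time instead can return a different image when two
	# uploads land in the same second.
	$image_id = (int) mysql_insert_id();

	if ($image_id < 1)
	{
		# Fallback in case the id column is not AUTO_INCREMENT (schema not
		# visible from this file): newest row of this user, one row only.
		$query = mysql_query('SELECT id FROM ' . $db_prefix . 'gallery_images WHERE user = ' . $user_id . ' ORDER BY time DESC, id DESC LIMIT 1');
		$result = $query ? mysql_fetch_assoc($query) : false;
		$image_id = $result ? (int) $result['id'] : 0;
	}

	if ($image_id < 1)
	{
		# Without an id there is no rating row to add and no image page to show.
		max_redirect('index.php?page=gallery', 'gallery');
		return;
	}

	#----------------------------------------
	# Add default rating
	#----------------------------------------

	# Still best-effort as before, but a failure is now recorded in the log.
	if (!mysql_query('INSERT INTO '. $db_prefix . 'gallery_images_ratings (image, total_votes, total_value, users) VALUES ('. $image_id .', 0, 0, 0)'))
	{
		error_log('Gallery upload: default rating insert failed: ' . mysql_error());
	}

	#----------------------------------------
	# Laters...
	#----------------------------------------

	max_redirect('index.php?page=gallery&act=view-image&id=' . $image_id, 'gallery/view-image/' . $image_id);
}
else
{
	# Fill the maximum image size from the gallery settings into the help text.
	$lang['upload_location_info'] = sprintf($lang['upload_location_info'], $Gallery->setting('image_max_size'));

	$Gallery->template('pages/gallery/upload.template.php')->hook('start', 1);

	#---------------------------------------
	# Get categories
	#---------------------------------------

	$query = mysql_query('SELECT id, name FROM ' . $db_prefix . 'gallery_albums');

	# A failed query yields false; skip the loop instead of passing false to
	# mysql_fetch_assoc().
	if ($query)
	{
		while ($row = mysql_fetch_assoc($query))
		{
			# NOTE(review): hook 2 presumably renders one album entry from $row;
			# confirm the template HTML-escapes the album name on output.
			$row['name'] = strip_slashes($row['name']);
			$Gallery->hook(2);
		}
	}

	$Gallery->hook(3, 'end');
}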
?>
